tool: use feature names instead of bit mask, when possible

If the run-time libcurl is too old to support feature names, the name
array is created locally from the bit masks. This is the

tool: use feature names instead of bit mask, when possible

If the run-time libcurl is too old to support feature names, the name
array is created locally from the bit masks. This is the only sequence
left that uses feature bit masks.

Closes #9583

show more ...

tool_operate: provide better errmsg for -G with bad URL

If the URL that -G would try to add a query to could not be parsed, it would
display

curl: (27) Out of memory

I

tool_operate: provide better errmsg for -G with bad URL

If the URL that -G would try to add a query to could not be parsed, it would
display

curl: (27) Out of memory

It now instead shows:

curl: (2) Could not parse the URL, failed to set query

Reported-by: Alex Xu
Fixes #9889
Closes #9892

show more ...

curl: add --url-query

This option adds a piece of data, usually a name + value pair, to the
end of the URL query part. The syntax is identical to that used for
--data-urlencode with

curl: add --url-query

This option adds a piece of data, usually a name + value pair, to the
end of the URL query part. The syntax is identical to that used for
--data-urlencode with one extension:

If the argument starts with a '+' (plus), the rest of the string is
provided as-is unencoded.

This allows users to "build" query parts with options and URL encoding
even when not doing GET requests, which the already provided option -G
(--get) is limited to.

This idea was born in a Twitter thread.

Closes #9691

show more ...

tool_operate: when aborting, make sure there is a non-NULL error buffer

To store custom errors in. Or SIGSEGVs will follow.

Reported-by: Trail of Bits
Closes #9865

curl: timeout in the read callback

The read callback can timeout if there's nothing to read within the
given maximum period. Example use case is when doing "curl -m 3
telnet://exampl

curl: timeout in the read callback

The read callback can timeout if there's nothing to read within the
given maximum period. Example use case is when doing "curl -m 3
telnet://example.com" or anything else that expects input on stdin or
similar that otherwise would "hang" until something happens and then not
respect the timeout.

This fixes KNOWN_BUG 8.1, first filed in July 2009.

Bug: https://sourceforge.net/p/curl/bugs/846/

Closes #9815

show more ...

misc: typo and grammar fixes

- Replace `Github` with `GitHub`.
- Replace `windows` with `Windows`
- Replace `advice` with `advise` where a verb is used.
- A few fixes on removing

misc: typo and grammar fixes

- Replace `Github` with `GitHub`.
- Replace `windows` with `Windows`
- Replace `advice` with `advise` where a verb is used.
- A few fixes on removing repeated words.
- Replace `a HTTP` with `an HTTP`

Closes #9802

show more ...

tool_xattr: save the original URL, not the final redirected one

Adjusted test 1621 accordingly.

Reported-by: Viktor Szakats
Fixes #9766
Closes #9768

tool_operate: more transfer cleanup after parallel transfer fail

In some circumstances when doing parallel transfers, the
single_transfer_cleanup() would not be called and then 'inglob'

tool_operate: more transfer cleanup after parallel transfer fail

In some circumstances when doing parallel transfers, the
single_transfer_cleanup() would not be called and then 'inglob' could
leak.

Test 496 verifies

Reported-by: Trail of Bits
Closes #9749

show more ...

curl/add_parallel_transfers: better error handling

1 - consider the transfer handled at once when in the function, to avoid
the same list entry to get added more than once in rare er

curl/add_parallel_transfers: better error handling

1 - consider the transfer handled at once when in the function, to avoid
the same list entry to get added more than once in rare error
situations

2 - set the ERRORBUFFER for the handle first after it has been added
successfully

Reported-by: Trail of Bits

Closes #9729

show more ...

curl/add_file_name_to_url: use the libcurl URL parser

instead of the custom error-prone parser, to extract and update the path
of the given URL

Closes #9683

single_transfer: use the libcurl URL parser when appending query parts

Instead of doing "manual" error-prone parsing in another place.

Used when --data contents is added to the URL

single_transfer: use the libcurl URL parser when appending query parts

Instead of doing "manual" error-prone parsing in another place.

Used when --data contents is added to the URL query when -G is provided.

Closes #9681

show more ...

docs: spelling nits

- MingW -> MinGW (Minimalist GNU for Windows)
- f.e. -> e.g.
- some whitespace and punctuation.

Reviewed-by: Daniel Stenberg

Closes #9622

tool: remove dead code

Add a debug assertion to verify protocols included/excluded in a set
are always tokenized.

Follow-up to commit 677266c.

Closes #9576

tool: remove protocol count limitation

Replace bit mask protocol sets by null-terminated arrays of protocol
tokens. These are the addresses of the protocol names returned by
curl_ver

tool: remove protocol count limitation

Replace bit mask protocol sets by null-terminated arrays of protocol
tokens. These are the addresses of the protocol names returned by
curl_version_info().

Protocol names are sorted case-insensitively before output to satisfy CI
tests matches consistency.

The protocol list returned by curl_version_info() is augmented with all
RTMP protocol variants.

Test 1401 adjusted for new alpha ordered output.

Closes #9546

show more ...

cli tool: do not use disabled protocols

As they are now rejected by the library, take care of not passing
disabled protocol names to CURLOPT_PROTOCOLS_STR and
CURLOPT_REDIR_PROTOCOLS

cli tool: do not use disabled protocols

As they are now rejected by the library, take care of not passing
disabled protocol names to CURLOPT_PROTOCOLS_STR and
CURLOPT_REDIR_PROTOCOLS_STR.

Rather than using the CURLPROTO_* constants, dynamically assign protocol
numbers based on the order they are listed by curl_version_info().

New type proto_set_t implements prototype bit masks: it should therefore
be large enough to accomodate all library-enabled protocols. If not,
protocol numbers beyond the bit count of proto_set_t are recognized but
"inaccessible": when used, a warning is displayed and the value is
ignored. Should proto_set_t overflows, enabled protocols are reordered to
force those having a public CURLPROTO_* representation to be accessible.

Code has been added to subordinate RTMP?* protocols to the presence of
RTMP in the enabled protocol list, being returned by curl_version_info()
or not.

show more ...

tool_operate: avoid a few #ifdefs for disabled-libcurl builds

By providing empty macros in the header file instead, the code gets
easier to read and yet is disabled on demand.

C

tool_operate: avoid a few #ifdefs for disabled-libcurl builds

By providing empty macros in the header file instead, the code gets
easier to read and yet is disabled on demand.

Closes #9486

show more ...

tool_operate: fix msnprintfing the error message

Follow-up to 7be53774c41c59b47075fba

Coverity CID 1513717 pointed out that we cannot use sizeof() on the
error buffer anymore.

tool_operate: fix msnprintfing the error message

Follow-up to 7be53774c41c59b47075fba

Coverity CID 1513717 pointed out that we cannot use sizeof() on the
error buffer anymore.

Closes #9440

show more ...

NPN: remove support for and use of

Next Protocol Negotiation is a TLS extension that was created and used
for agreeing to use the SPDY protocol (the precursor to HTTP/2) for
HTTPS. I

NPN: remove support for and use of

Next Protocol Negotiation is a TLS extension that was created and used
for agreeing to use the SPDY protocol (the precursor to HTTP/2) for
HTTPS. In the early days of HTTP/2, before the spec was finalized and
shipped, the protocol could be enabled using this extension with some
servers.

curl supports the NPN extension with some TLS backends since then, with
a command line option `--npn` and in libcurl with
`CURLOPT_SSL_ENABLE_NPN`.

HTTP/2 proper is made to use the ALPN (Application-Layer Protocol
Negotiation) extension and the NPN extension has no purposes
anymore. The HTTP/2 spec was published in May 2015.

Today, use of NPN in the wild should be extremely rare and most likely
totally extinct. Chrome removed NPN support in Chrome 51, shipped in
June 2016. Removed in Firefox 53, April 2017.

Closes #9307

show more ...

tool_operate: reduce errorbuffer allocs

- parallel transfers: only alloc and keep errorbuffers in memory for
actual "live" transfers and not for the ones in the pending queue

tool_operate: reduce errorbuffer allocs

- parallel transfers: only alloc and keep errorbuffers in memory for
actual "live" transfers and not for the ones in the pending queue

- serial transfers: reuse the same fixed buffer for all transfers, not
allocated at all.

Closes #9394

show more ...

tool_operate: prevent over-queuing in parallel mode

When doing a huge amount of parallel transfers, we must not add them to
the per_transfer list frivolously since they all use memory af

tool_operate: prevent over-queuing in parallel mode

When doing a huge amount of parallel transfers, we must not add them to
the per_transfer list frivolously since they all use memory after all.
This was previous done without really considering millions or billions
of transfers. Massive parallelism would use a lot of memory for no good
purpose.

The queue is now limited to twice the paralleism number.

This makes the 'Qd' value in the parallel progress meter mostly useless
for users, but works for now for us as a debug display.

Reported-by: justchen1369 on github
Fixes #8933
Closes #9389

show more ...

tool: reintroduce set file comment code for AmigaOS

Amiga specific code which put the URL in the file comment was perhaps
accidentally removed in b88940850002a3f1c25bc6488b95ad30eb80d696

tool: reintroduce set file comment code for AmigaOS

Amiga specific code which put the URL in the file comment was perhaps
accidentally removed in b88940850002a3f1c25bc6488b95ad30eb80d696 having
originally been added in 5c215bdbdfde8b2350cdcbac82aae0c914da5314.
Reworked to fit the code changes and added it back in.

Reported-by: Michael Trebilcock
Originally-added-by: Chris Young

Closes #9258

show more ...

docs: remove him/her/he/she from documentation

Closes #9208

tool_operate: better cleanup of easy handle in exit path

Closes #9114

setopt: add CURLOPT_PROTOCOLS_STR and CURLOPT_REDIR_PROTOCOLS_STR

... as replacements for deprecated CURLOPT_PROTOCOLS and
CURLOPT_REDIR_PROTOCOLS as these new ones do not risk running i

setopt: add CURLOPT_PROTOCOLS_STR and CURLOPT_REDIR_PROTOCOLS_STR

... as replacements for deprecated CURLOPT_PROTOCOLS and
CURLOPT_REDIR_PROTOCOLS as these new ones do not risk running into the
32 bit limit the old ones are facing.

CURLINFO_PROTCOOL is now deprecated.

The curl tool is updated to use the new options.

Added test 1597 to verify the libcurl protocol parser.

Closes #8992

show more ...

curl: output warning when a cookie is dropped due to size

Dropped from the request, that is.

Closes #9064